New York state’s proposed cyber security
regulation for financial services companies is by far the most
comprehensive set of digital security rules in the US. It has
been met with scepticism by some though.
The Department of Financial Services (DFS), which under head
Benjamin Lawsky has made cyber security a priority, introduced
proposed rules in late September to tighten digital security
among the state’s many financial services
companies. The consultation over those proposed rules is
These rules include the requirement for any licenced entity
in the state to appoint a chief information security officer,
and put in place measures to protect against cyber attacks.
The organisation will also have to implement a cyber
security policy detailing measures in place – the
proposed regulation also envisages the launch in 2018 of a
so-called certification document signed by the board and
submitted to the DFS.